Re: Certification Advice

[Clateu Borada <brain_freak () yahoo com>]

In-Reply-To: <38CC880B1CEBE14C9768F2CF438397FD115606 () D00WMEXC03 surete qc ca>

I'm sure this has come up a few times but I'm new to
this; anyway here I go:

I've been looking at SSCP (ISC^2) and Security+
(compTIA) and I trying to decide which would be a
better cert to dive into. Is any one more challenging
or more marketable than the other? I've got about a
year in security and currently hold CCSA,CCNA. I'm
looking for a vender neutral cert in the security
relm.
Any suggestions/opinions/$.02 are greatly appreciated.

Clat



> -----Original Message-----
> From: Jimi Thompson [mailto:jimit () myrealbox com]
> Sent: Friday, September 19, 2003 5:52 PM
> To: Hagen, Eric; Neil Fryer; Security Basics (E-mail)
> Subject: RE: Certification Advice
>
>
> The CISSP requirements for "security experience" cover ANY of the 10=20
> common bodies of knowledge (CBK's).  This includes physical security.=20
> While it may sound odd, working part time as a security guard would=20
> count toward your job experience requirement.  I would suspect that=20
> you use portions of the other CBK's as well without realizing it.=20
> With someone, like your self, who is quite close, I suspect that you=20
> in fact, may well have enough experience to qualify.  My suggestion=20
> is that you read the descriptions of all 10 of the CBK's quite=20
> closely and see if you aren't using them more than you think.
>
> HTH,
>
> Ms. Jimi Thompson, CISSP
>
> At 1:07 PM -0600 9/19/03, Hagen, Eric wrote:
> > For you, CISSP is a good cert.
> >
> > My problem is that I have significant training in security, including =
> all
> of
> > the core requisites for a MS in InfoSec from Iowa State University (NSA
> > center of excellence in security).  I'm working in General IT, leading =
> our
> > security task force, but that constitutes less than 50% of my job.  In
> > addition, I can only rightfully claim about 3 years experience, which
> > basically disqualifies me for the CISSP, even though I've passed a few
> > practice tests with near 100% scores.
> >
> > Anyone have any suggestions for someone in my position, who's been =
> studying
> > computer security for many years and has formal pen-test experience as =
> well
> > as Enterprise backend security engineering experience in several large
> > corporations (including a Fortune 500) but who doesn't have the resume =
> to
> > get a CISSP?
> >
> > I'd like to get a dedicated Security Job but it's almost impossible to =
> be
> > hired WITHOUT a CISSP these days.  Can't get a CISSP until I get a new =
> job
> > (because this company has no plans to have a full-time security
> specialist).
> > Catch-22, thinking about starting my own consulting company, but that's =
> a
> > big leap for someone like me.
> >
> > Eric
> >
> >
> > -----Original Message-----
> > From: Neil Fryer [mailto:nfryer () marimba com]
> > Sent: Thursday, September 18, 2003 4:13 AM
> > To: Security Basics (E-mail)
> > Subject: Certification Advice
> >
> >
> > Hi All,
> >
> > I am considering getting some certifications under my belt, now my =
> question
> > to you is, what would you recommend? My background is basically 6 years =
> as
> a
> > *nix & MS Systems Administrator, but I want some papers that will help =
> to
> > get me into the right places one day, and more importantly I want to
> > increase my security knowledge.
> > I guess what I want to know is:
> >
> > a) What are good certifications to get, which will help to get me =
> closer to
> > getting into the security sector
> > b) What certifications have a decent curriculum.
> >
> > Thanks in advance.
> >
> > Kind regards,
> >
> > Neil Fryer
> > Marimba Software UK Ltd
> > 400 Thames Valley Park Drive
> > Thames Valley Park
> > Reading RG6 1PT
> > United Kingdom
> > Support Line: 08000 156155
> > http://www.marimba.com
> >
> >
> >
> > ------------------------------------------------------------------------=
> ---
> > Captus Networks
> > Are you prepared for the next Sobig & Blaster?
> >  - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
> >  - Precisely Define and Implement Network Security
> >  - Automatically Control P2P, IM and Spam Traffic
> > FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
> > http://www.captusnetworks.com/ads/42.htm
> > ------------------------------------------------------------------------=
> ---
> -
> > ------------------------------------------------------------------------=
> ---
> > Captus Networks
> > Are you prepared for the next Sobig & Blaster?
> >  - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
> >  - Precisely Define and Implement Network Security
> >  - Automatically Control P2P, IM and Spam Traffic
> > FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
> > http://www.captusnetworks.com/ads/42.htm
> > ------------------------------------------------------------------------=
> ---
> -
>
> -------------------------------------------------------------------------=
> --
> -------------------------------------------------------------------------=
> ---
>
>
>
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------